ALSA-2025:16904
- Source
- https://errata.almalinux.org/10/ALSA-2025-16904.html
- Import Source
- https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2025:16904.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/ALSA-2025:16904
- Related
- Published
- 2025-09-29T00:00:00Z
- Modified
- 2025-11-28T22:05:04.897858Z
- Summary
- Moderate: kernel security update
- Details
-
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
- kernel: fs: export anoninodemakesecureinode() and fix secretmem LSM bypass (CVE-2025-38396)
- kernel: smb: client: fix use-after-free in cifsoplockbreak (CVE-2025-38527)
- kernel: cifs: Fix the smbd_response slab to allow usercopy (CVE-2025-38523)
- kernel: tls: fix handling of zero-length records on the rx_list (CVE-2025-39682)
- kernel: iouring/futex: ensure iofutex_wait() cleans up properly on failure (CVE-2025-39698)
- kernel: s390/sclp: Fix SCCB present check (CVE-2025-39694)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- References
-
- https://access.redhat.com/errata/RHSA-2025:16904
- https://access.redhat.com/security/cve/CVE-2025-38396
- https://access.redhat.com/security/cve/CVE-2025-38523
- https://access.redhat.com/security/cve/CVE-2025-38527
- https://access.redhat.com/security/cve/CVE-2025-39682
- https://access.redhat.com/security/cve/CVE-2025-39694
- https://access.redhat.com/security/cve/CVE-2025-39698
- https://bugzilla.redhat.com/2383441
- https://bugzilla.redhat.com/2388928
- https://bugzilla.redhat.com/2388948
- https://bugzilla.redhat.com/2393511
- https://bugzilla.redhat.com/2393519
- https://bugzilla.redhat.com/2393534
- https://errata.almalinux.org/10/ALSA-2025-16904.html
Affected packages
AlmaLinux:10 / kernel-abi-stablelists
Package
- Name
- kernel-abi-stablelists
- Purl
- pkg:rpm/almalinux/kernel-abi-stablelists